Find Android Security Hole, You're Rewarded up to $200,000

Good news for you application developers and IT workers especially who are involved in security work. Google will provide great value gifts for anyone who can find a security hole on Android. This offer is realized by Google in an Android Security Rewards (ASR) program, which was launched 2 years ago.

This time, Google is again preparing a huge reward for people who managed to find Android security hole, especially to avoid attacks that are far away.

Android Security Rewards. (androidauthority)

The rewards vary. Many rewards depend on the nature of the vulnerability found. However, Google says the average compensation paid is $ 2,150 for each proven claim. While the highest total prize offered by Google is $ 150 thousand and $ 200 thousand for those who managed to find Android security hole this month.

Here are the rewards based on the difficulty level. This reward is effective from 1 June 2017.

Severity

Complete Report* + PoC

Payment range (if report includes an
exploit leading to Kernel compromise)**

Payment range (if report includes an
exploit leading to TEE compromise)**

Critical

Required

Up to $150,000

Up to $200,000

High

Required

Up to $75,000

Up to $100,000

Moderate

Required

Up to $20,000

Up to $35,000

Low

Required

Up to $330

Up to $330

* Bug reports that are incomplete or do not include a proof of concept will receive up to $200 depending on severity.

As is known, the Android Security Rewards initiative is Google's effort to bring monthly security updates to Android users. Over the past two years, dozens of IT researchers have received an average payout of around $ 10,000 because they managed to find an Android security hole.

In total, over the past two years, Google has rewarded more than $ 1.5 million to inventors of Android security holes, both for teams and individuals.